CN114025356A - Malicious short message verification code identification method, related device and computer storage medium - Google Patents

Malicious short message verification code identification method, related device and computer storage medium Download PDF

Info

Publication number
CN114025356A
CN114025356A CN202111288858.9A CN202111288858A CN114025356A CN 114025356 A CN114025356 A CN 114025356A CN 202111288858 A CN202111288858 A CN 202111288858A CN 114025356 A CN114025356 A CN 114025356A
Authority
CN
China
Prior art keywords
short message
city
user
mobile phone
belongs
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111288858.9A
Other languages
Chinese (zh)
Inventor
刘慧中
喻俊
张志广
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Happly Sunshine Interactive Entertainment Media Co Ltd
Original Assignee
Hunan Happly Sunshine Interactive Entertainment Media Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan Happly Sunshine Interactive Entertainment Media Co Ltd filed Critical Hunan Happly Sunshine Interactive Entertainment Media Co Ltd
Priority to CN202111288858.9A priority Critical patent/CN114025356A/en
Publication of CN114025356A publication Critical patent/CN114025356A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/121Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H04W12/122Counter-measures against attacks; Protection against rogue devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/125Protection against power exhaustion attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/128Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application provides a method for identifying a malicious short message verification code, a related device and a computer storage medium, wherein the method comprises the following steps: firstly, in a request for sending a short message verification code, acquiring an internet interconnection protocol address of the request for sending and a mobile phone number of a short message to be acquired by a user; determining a city to which an internet protocol address belongs and a city to which a mobile phone number of a user to acquire a short message belongs; if the city to which the Internet protocol address belongs is consistent with the city to which the mobile phone number of the user to acquire the short message belongs, the short message verification code is directly sent to the mobile phone of the user; if the city to which the internet protocol address belongs is not consistent with the city to which the mobile phone number of the user to acquire the short message belongs, the sending request is marked as a malicious request. Therefore, the aims of preventing malicious reading of the short message verification code and malicious consumption of short message cost and further reducing complaints caused by the fact that mobile phone number users receive the Moming short message are achieved.

Description

Malicious short message verification code identification method, related device and computer storage medium
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method for identifying a malicious short message authentication code, a related apparatus, and a computer storage medium.
Background
At present, there are many methods for preventing malicious reading of a short message verification code, and it is commonly used to determine whether a request frequency or times of an Internet Protocol (IP) address, a mobile phone number, a device number of a sending device in a request exceeds a threshold, whether the request frequency or times of the device number exists in a black product library, and whether the number of different mobile phone numbers switched by the same IP or the same device number exceeds the threshold.
However, the above methods are all controlled based on the request frequency or times, but when an attacker continuously changes the IP address or the device number, the protection can be bypassed, so that the short message verification code is maliciously refreshed, and the short message cost is maliciously consumed.
Disclosure of Invention
In view of the above, the present application provides a method, a related apparatus, and a computer storage medium for identifying a malicious short message verification code, which prevent malicious swiping of the short message verification code and malicious consumption of short message charges, thereby reducing complaints caused by mobile phone number users receiving a famous short message.
The first aspect of the present application provides a method for identifying a malicious short message verification code, which is applied to a server and includes:
in a sending request of a short message verification code, acquiring an internet interconnection protocol address of the sending request and a mobile phone number of a short message to be acquired by a user;
determining the city to which the Internet protocol address belongs and the city to which the mobile phone number of the user to acquire the short message belongs;
judging whether the city to which the Internet protocol address belongs is consistent with the city to which the mobile phone number of the user to acquire the short message belongs;
if the city to which the internet interconnection protocol address belongs is judged to be consistent with the city to which the mobile phone number of the user for acquiring the short message belongs, the short message verification code is directly sent to the mobile phone of the user;
and if the city to which the internet interconnection protocol address belongs is judged to be inconsistent with the city to which the mobile phone number of the user for acquiring the short message belongs, marking the sending request as a malicious request.
Optionally, if it is determined that the city to which the ip address belongs is not consistent with the city to which the mobile phone number of the user that wants to obtain the short message belongs, marking the sending request as a malicious request, further includes:
generating abnormal information and sending the abnormal information to a client; and after receiving the abnormal information, the client guides the user to carry out preset human-computer interaction verification, and if the abnormal information passes the preset human-computer interaction verification, a short message verification code is sent to a mobile phone of the user.
Optionally, the determining the city to which the internet protocol address belongs and the city to which the mobile phone number of the user that wants to obtain the short message belongs includes:
calling an internet protocol address query service of a third party to query a city corresponding to the internet protocol address;
and calling a mobile phone number attribution inquiry service of a third party to inquire the city to which the mobile phone number of the user for acquiring the short message belongs.
A second aspect of the present application provides a method for identifying a malicious short message verification code, which is applied to a client, and includes:
receiving abnormal information sent by a server;
guiding a user to carry out preset human-computer interaction verification; and if the verification passes the preset human-computer interaction verification, the server side sends a short message verification code to the mobile phone of the user.
The third aspect of the present application provides an apparatus for identifying a malicious short message verification code, which is applied to a server, and includes:
the system comprises an acquisition unit, a verification unit and a verification unit, wherein the acquisition unit is used for acquiring an internet protocol address of a sending request and a mobile phone number of a short message to be acquired by a user in the sending request of a short message verification code;
a determining unit, configured to determine a city to which the internet protocol address belongs and a city to which a mobile phone number of the user that wants to obtain the short message belongs;
a judging unit, configured to judge whether a city to which the ip address belongs is consistent with a city to which a mobile phone number of the user that wants to obtain a short message belongs;
a sending unit, configured to send a short message verification code directly to the mobile phone of the user if the determining unit determines that the city to which the internet protocol address belongs is consistent with the city to which the mobile phone number of the user that wants to obtain the short message belongs;
and the marking unit is used for marking the sending request as a malicious request if the city to which the internet protocol address belongs is judged to be inconsistent with the city to which the mobile phone number of the user for obtaining the short message belongs by the judging unit.
Optionally, the apparatus for identifying a malicious short message verification code further includes:
the generating unit is used for generating abnormal information and sending the abnormal information to the client; and after receiving the abnormal information, the client guides the user to carry out preset human-computer interaction verification, and if the abnormal information passes the preset human-computer interaction verification, a short message verification code is sent to a mobile phone of the user.
Optionally, the determining unit includes:
the first determining subunit is used for calling an internet protocol address query service of a third party and querying a city corresponding to the internet protocol address;
and the second determining subunit is used for calling the mobile phone number attribution inquiry service of the third party and inquiring the city to which the mobile phone number of the user for acquiring the short message belongs.
The fourth aspect of the present application provides an apparatus for identifying a malicious short message verification code, which is applied to a client, and includes:
the receiving unit is used for receiving the abnormal information sent by the server;
the verification unit is used for guiding a user to carry out preset human-computer interaction verification; and if the verification passes the preset human-computer interaction verification, the server side sends a short message verification code to the mobile phone of the user.
A fifth aspect of the present application provides a server, comprising:
one or more processors;
a storage device having one or more programs stored thereon;
when executed by the one or more processors, the one or more programs cause the one or more processors to implement the method for identifying a malicious short message authentication code according to any one of the first aspect.
A sixth aspect of the present application provides an electronic device, comprising:
one or more processors;
a storage device having one or more programs stored thereon;
when executed by the one or more processors, the one or more programs cause the one or more processors to implement the method for identifying a malicious short message authentication code according to the second aspect.
A seventh aspect of the present application provides a computer storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the method for identifying a malicious short message authentication code according to any one of the first aspect or the second aspect.
According to the above scheme, the identification method of the malicious short message verification code, the related device and the computer storage medium provided by the application comprise the following steps: firstly, in a request for sending a short message verification code, acquiring an internet interconnection protocol address of the request for sending and a mobile phone number of a short message to be acquired by a user; determining the city to which the Internet protocol address belongs and the city to which the mobile phone number of the user to acquire the short message belongs; then, judging whether the city to which the Internet interconnection protocol address belongs is consistent with the city to which the mobile phone number of the user to acquire the short message belongs; if the city to which the internet interconnection protocol address belongs is judged to be consistent with the city to which the mobile phone number of the user for acquiring the short message belongs, the short message verification code is directly sent to the mobile phone of the user; and if the city to which the internet interconnection protocol address belongs is judged to be inconsistent with the city to which the mobile phone number of the user for acquiring the short message belongs, marking the sending request as a malicious request. Therefore, the aims of preventing malicious reading of the short message verification code and malicious consumption of short message cost and further reducing complaints caused by the fact that mobile phone number users receive the Moming short message are achieved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart illustrating an embodiment of a method for identifying a malicious short message authentication code applied to a server according to the present disclosure;
fig. 2 is a flowchart illustrating an embodiment of a method for identifying a malicious short message authentication code applied to a server according to the present application;
fig. 3 is a flowchart illustrating an embodiment of a method for identifying a malicious short message authentication code applied to a client according to the present application;
fig. 4 is a schematic diagram of an apparatus for identifying a malicious short message authentication code applied to a server according to an embodiment of the present disclosure;
fig. 5 is a schematic diagram of an apparatus for identifying a malicious short message authentication code applied to a server according to another embodiment of the present application;
fig. 6 is a schematic diagram of an apparatus for identifying a malicious short message authentication code applied to a client according to another embodiment of the present disclosure;
fig. 7 is a schematic diagram of a server implementing a method for identifying a malicious short message authentication code according to another embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The term "include" and variations thereof as used herein are open-ended, i.e., "including but not limited to". The term "based on" is "based, at least in part, on". The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment"; the term "some embodiments" means "at least some embodiments". Relevant definitions for other terms will be given in the following description.
It should be noted that the terms "first", "second", and the like in the present application are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence relationship of the functions performed by the devices, modules or units.
It is noted that references to "a", "an", and "the" modifications in this application are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that reference to "one or more" unless the context clearly dictates otherwise.
The embodiment of the application provides a method for identifying a malicious short message verification code, which is applied to a server and specifically comprises the following steps as shown in fig. 1:
s101, in a sending request of the short message verification code, an internet interconnection protocol address of the sending request and a mobile phone number of a user needing to obtain a short message are obtained.
Wherein, the internet protocol address for sending the request refers to the IP address used by the user.
S102, determining a city to which an Internet protocol address belongs and a city to which a mobile phone number of a user to acquire a short message belongs.
Optionally, in another embodiment of the present application, an implementation manner of step S102, as shown in fig. 2, includes:
s201, an internet interconnection protocol address query service of a third party is called, and a city corresponding to the internet interconnection protocol address is queried.
S202, calling a third party mobile phone number attribution inquiry service to inquire a city to which the mobile phone number of the user for acquiring the short message belongs.
S103, judging whether the city to which the Internet protocol address belongs is consistent with the city to which the mobile phone number of the user to acquire the short message belongs.
Specifically, if the city to which the internet protocol address belongs is judged to be consistent with the city to which the mobile phone number of the user to acquire the short message belongs, step S104 is executed; if the city to which the internet protocol address belongs is determined to be inconsistent with the city to which the mobile phone number of the user for acquiring the short message belongs, step S105 is executed.
And S104, directly sending the short message verification code to the mobile phone of the user.
And S105, marking the sending request as a malicious request.
Optionally, in another embodiment of the present application, after the server marks the sending request as a malicious request, an implementation method of the method for identifying a malicious short message verification code applied to the server further includes:
and generating abnormal information and sending the abnormal information to the client.
After receiving the abnormal information, the client guides the user to perform preset human-computer interaction verification, and if the abnormal information passes the preset human-computer interaction verification, the client sends a short message verification code to a mobile phone of the user. If the verification fails to pass the preset human-computer interaction verification, the short message verification code is not sent to the mobile phone of the user, and the short message verification code is prevented from being maliciously swiped.
This embodiment will now be illustrated:
in the request for sending the short message verification code, the internet interconnection protocol address of the request for sending and the mobile phone number of the short message to be obtained by the user are obtained. If the internet interconnection protocol address for sending the request is XX.XX.XX.XXX and the mobile phone number of the short message to be obtained by the user is 1 XXXXXXXXXXX, inquiring whether the city corresponding to XX.XX.XXX is Jiangxi province Nanchang city by calling the internet interconnection protocol address inquiry service of the third party; calling a mobile phone number attribution inquiry service of a third party, and inquiring that the city to which the mobile phone number 1 XXXXXXXXXXXX of the short message to be acquired by the user belongs is Hunan province Changsha; the method includes that a city to which an internet interconnection protocol address belongs is inconsistent with a city to which a mobile phone number of a user to acquire a short message belongs, the sending request is indicated to have a possibility of malicious request, so that a short message verification code cannot be directly sent, abnormal information needs to be sent to a client, the client guides the user to perform preset human-computer interaction verification after receiving the abnormal information, and if the abnormal information passes the preset human-computer interaction verification, the short message verification code is sent to a mobile phone of the user. If the verification fails to pass the preset human-computer interaction verification, the short message verification code is not sent to the mobile phone of the user, and the short message verification code is prevented from being maliciously swiped.
In another embodiment of the present application, a method for identifying a malicious short message verification code is applied to a client, as shown in fig. 3, and includes:
s301, receiving abnormal information sent by the server.
And S302, guiding a user to perform preset human-computer interaction verification.
And if the verification passes the preset human-computer interaction verification, the server side sends a short message verification code to the mobile phone of the user. If the verification fails to pass the preset human-computer interaction verification, the short message verification code is not sent to the mobile phone of the user, and the short message verification code is prevented from being maliciously swiped.
According to the scheme, the identification method of the malicious short message verification code comprises the following steps: firstly, in a request for sending a short message verification code, acquiring an internet interconnection protocol address of the request for sending and a mobile phone number of a short message to be acquired by a user; determining a city to which an internet protocol address belongs and a city to which a mobile phone number of a user to acquire a short message belongs; then, judging whether the city to which the Internet interconnection protocol address belongs is consistent with the city to which the mobile phone number of the user to acquire the short message belongs; if the city to which the internet interconnection protocol address belongs is judged to be consistent with the city to which the mobile phone number of the user to acquire the short message belongs, the short message verification code is directly sent to the mobile phone of the user; and if the city to which the internet interconnection protocol address belongs is judged to be inconsistent with the city to which the mobile phone number of the user for acquiring the short message belongs, marking the sending request as a malicious request. Therefore, the aims of preventing malicious reading of the short message verification code and malicious consumption of short message cost and further reducing complaints caused by the fact that mobile phone number users receive the Moming short message are achieved.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Another embodiment of the present application provides an apparatus for identifying a malicious short message verification code, which is applied to a server, and as shown in fig. 4, the apparatus specifically includes:
the obtaining unit 401 is configured to obtain, in the request for sending the short message verification code, an internet protocol address of the request for sending and a mobile phone number of the user to obtain the short message.
A determining unit 402, configured to determine a city to which an internet protocol address belongs and a city to which a mobile phone number of a user that wants to obtain a short message belongs.
Optionally, in another embodiment of the present application, an implementation manner of the determining unit 402 is shown in fig. 5, and includes:
the first determining subunit 501 is configured to invoke an internet protocol address query service of a third party, and query a city corresponding to an internet protocol address.
The second determining subunit 502 is configured to invoke a third-party mobile phone number location query service, and query a city to which a mobile phone number of the user that wants to obtain the short message belongs.
For a specific working process of the unit disclosed in the above embodiment of the present application, reference may be made to the content of the corresponding method embodiment, as shown in fig. 2, which is not described herein again.
The determining unit 403 is configured to determine whether a city to which the internet protocol address belongs is consistent with a city to which a mobile phone number of the user that wants to obtain the short message belongs.
A sending unit 404, configured to send the short message verification code directly to the mobile phone of the user if the determining unit 403 determines that the city to which the internet protocol address belongs is consistent with the city to which the mobile phone number of the user that wants to obtain the short message belongs.
A marking unit 405, configured to mark the sending request as a malicious request if the determining unit 403 determines that the city to which the internet protocol address belongs is not consistent with the city to which the mobile phone number of the user that wants to obtain the short message belongs.
For a specific working process of the unit disclosed in the above embodiment of the present application, reference may be made to the content of the corresponding method embodiment, as shown in fig. 1, which is not described herein again.
Optionally, in another embodiment of the present application, an implementation manner of the apparatus for identifying a malicious short message verification code applied to a server further includes:
and the generating unit is used for generating the abnormal information and sending the abnormal information to the client.
After receiving the abnormal information, the client guides the user to perform preset human-computer interaction verification, and if the abnormal information passes the preset human-computer interaction verification, the client sends a short message verification code to a mobile phone of the user.
For specific working processes of the units disclosed in the above embodiments of the present application, reference may be made to the contents of the corresponding method embodiments, which are not described herein again.
Optionally, in another embodiment of the present application, an implementation manner of the apparatus for identifying a malicious short message verification code applied to a client is shown in fig. 6, and includes:
the receiving unit 601 is configured to receive the exception information sent by the server.
The verification unit 602 is configured to guide a user to perform preset human-computer interaction verification.
And if the verification passes the preset human-computer interaction verification, the server side sends a short message verification code to the mobile phone of the user.
For a specific working process of the unit disclosed in the above embodiment of the present application, reference may be made to the content of the corresponding method embodiment, as shown in fig. 6, which is not described herein again.
According to the scheme, the identification device for the malicious short message verification code comprises the following steps: firstly, the obtaining unit 401 obtains an internet protocol address of a sending request and a mobile phone number of a user to obtain a short message in the sending request of a short message verification code; the determining unit 402 determines the city to which the internet protocol address belongs and the city to which the mobile phone number of the user to acquire the short message belongs; then, the determining unit 403 determines whether the city to which the ip address belongs is consistent with the city to which the mobile phone number of the user to obtain the short message belongs; if the determining unit 403 determines that the city to which the internet protocol address belongs is consistent with the city to which the mobile phone number of the user to acquire the short message belongs, the sending unit 404 directly sends the short message verification code to the mobile phone of the user; if the determining unit 403 determines that the city to which the ip address belongs is not consistent with the city to which the mobile phone number of the user that wants to obtain the short message belongs, the marking unit 405 marks the sending request as a malicious request. Therefore, the aims of preventing malicious reading of the short message verification code and malicious consumption of short message cost and further reducing complaints caused by the fact that mobile phone number users receive the Moming short message are achieved.
Another embodiment of the present application provides a server, as shown in fig. 7, including:
one or more processors 701.
A storage 702 having one or more programs stored thereon.
When the one or more programs are executed by the one or more processors 701, the one or more processors 701 enable the identification method of the malicious short message authentication code, which is applied to any one of the service terminals in the above embodiments.
Another embodiment of the present application provides an electronic device, including:
one or more processors.
A storage device having one or more programs stored thereon.
When the one or more programs are executed by the one or more processors, the one or more processors are enabled to implement the identification method of the malicious short message authentication code applied to the client as in the above embodiments.
It should be noted that, for a schematic diagram of the electronic device, reference may be made to the server.
Another embodiment of the present application provides a computer storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the method for identifying a malicious short message authentication code applied to a service end or the method for identifying a malicious short message authentication code applied to a service end as described in any one of the above embodiments.
In the context of this application, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
It should be noted that the computer readable medium mentioned above in the present application may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device.
Another embodiment of the present application provides a computer program product, which is configured to execute any one of the above methods for identifying a malicious short message authentication code when the computer program product is executed.
In particular, according to embodiments of the application, the processes described above with reference to the flow diagrams may be implemented as computer software programs. For example, embodiments of the present application include a computer program product comprising a computer program carried on a non-transitory computer readable medium, the computer program containing program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication means, or installed from a storage means, or installed from a ROM. The computer program, when executed by a processing device, performs the above-described functions defined in the method of the embodiments of the present application.
Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims.
While several specific implementation details are included in the above discussion, these should not be construed as limitations on the scope of the application. Certain features that are described in the context of separate embodiments can also be implemented in combination in a single embodiment. Conversely, various features that are described in the context of a single embodiment can also be implemented in multiple embodiments separately or in any suitable subcombination.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the application referred to in the present application is not limited to the embodiments with a particular combination of the above-mentioned features, but also encompasses other embodiments with any combination of the above-mentioned features or their equivalents without departing from the scope of the application. For example, the above features may be replaced with (but not limited to) features having similar functions as those described in this application.

Claims (10)

1. A method for identifying a malicious short message verification code is applied to a server and comprises the following steps:
in a sending request of a short message verification code, acquiring an internet interconnection protocol address of the sending request and a mobile phone number of a short message to be acquired by a user;
determining the city to which the Internet protocol address belongs and the city to which the mobile phone number of the user to acquire the short message belongs;
judging whether the city to which the Internet protocol address belongs is consistent with the city to which the mobile phone number of the user to acquire the short message belongs;
if the city to which the internet interconnection protocol address belongs is judged to be consistent with the city to which the mobile phone number of the user for acquiring the short message belongs, the short message verification code is directly sent to the mobile phone of the user;
and if the city to which the internet interconnection protocol address belongs is judged to be inconsistent with the city to which the mobile phone number of the user for acquiring the short message belongs, marking the sending request as a malicious request.
2. The method according to claim 1, wherein if it is determined that the city to which the ip address belongs is not consistent with the city to which the mobile phone number of the user that wants to obtain the short message belongs, after marking the sending request as a malicious request, the method further comprises:
generating abnormal information and sending the abnormal information to a client; and after receiving the abnormal information, the client guides the user to carry out preset human-computer interaction verification, and if the abnormal information passes the preset human-computer interaction verification, a short message verification code is sent to a mobile phone of the user.
3. The method according to claim 1, wherein the determining the city to which the ip address belongs and the city to which the phone number of the user that wants to obtain the sms belongs comprises:
calling an internet protocol address query service of a third party to query a city corresponding to the internet protocol address;
and calling a mobile phone number attribution inquiry service of a third party to inquire the city to which the mobile phone number of the user for acquiring the short message belongs.
4. A method for identifying a malicious short message verification code is applied to a client and comprises the following steps:
receiving abnormal information sent by a server;
guiding a user to carry out preset human-computer interaction verification; and if the verification passes the preset human-computer interaction verification, the server side sends a short message verification code to the mobile phone of the user.
5. The device for identifying the malicious short message verification code is applied to a server and comprises the following components:
the system comprises an acquisition unit, a verification unit and a verification unit, wherein the acquisition unit is used for acquiring an internet protocol address of a sending request and a mobile phone number of a short message to be acquired by a user in the sending request of a short message verification code;
a determining unit, configured to determine a city to which the internet protocol address belongs and a city to which a mobile phone number of the user that wants to obtain the short message belongs;
a judging unit, configured to judge whether a city to which the ip address belongs is consistent with a city to which a mobile phone number of the user that wants to obtain a short message belongs;
a sending unit, configured to send a short message verification code directly to the mobile phone of the user if the determining unit determines that the city to which the internet protocol address belongs is consistent with the city to which the mobile phone number of the user that wants to obtain the short message belongs;
and the marking unit is used for marking the sending request as a malicious request if the city to which the internet protocol address belongs is judged to be inconsistent with the city to which the mobile phone number of the user for obtaining the short message belongs by the judging unit.
6. The identification device of claim 5, further comprising:
the generating unit is used for generating abnormal information and sending the abnormal information to the client; and after receiving the abnormal information, the client guides the user to carry out preset human-computer interaction verification, and if the abnormal information passes the preset human-computer interaction verification, a short message verification code is sent to a mobile phone of the user.
7. The device for identifying the malicious short message verification code is applied to a client and comprises the following components:
the receiving unit is used for receiving the abnormal information sent by the server;
the verification unit is used for guiding a user to carry out preset human-computer interaction verification; and if the verification passes the preset human-computer interaction verification, the server side sends a short message verification code to the mobile phone of the user.
8. A server, comprising:
one or more processors;
a storage device having one or more programs stored thereon;
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method for identifying a malicious short message authentication code according to any of claims 1 to 3.
9. An electronic device, comprising:
one or more processors;
a storage device having one or more programs stored thereon;
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method for identifying a malicious short message authentication code as claimed in claim 4.
10. A computer storage medium, on which a computer program is stored, wherein the computer program, when executed by a processor, implements the method for identifying a malicious short message authentication code according to any one of claims 1 to 3 or the method for identifying a malicious short message authentication code according to claim 4.
CN202111288858.9A 2021-11-02 2021-11-02 Malicious short message verification code identification method, related device and computer storage medium Pending CN114025356A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111288858.9A CN114025356A (en) 2021-11-02 2021-11-02 Malicious short message verification code identification method, related device and computer storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111288858.9A CN114025356A (en) 2021-11-02 2021-11-02 Malicious short message verification code identification method, related device and computer storage medium

Publications (1)

Publication Number Publication Date
CN114025356A true CN114025356A (en) 2022-02-08

Family

ID=80060343

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111288858.9A Pending CN114025356A (en) 2021-11-02 2021-11-02 Malicious short message verification code identification method, related device and computer storage medium

Country Status (1)

Country Link
CN (1) CN114025356A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114598550A (en) * 2022-03-28 2022-06-07 中国银行股份有限公司 Short message verification code attack protection method and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108183914A (en) * 2018-01-10 2018-06-19 浪潮通用软件有限公司 A kind of method for preventing malice swipe short message verification code from sending service
CN109934703A (en) * 2019-03-18 2019-06-25 吴鹏翔 A kind of financial account method for managing security

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108183914A (en) * 2018-01-10 2018-06-19 浪潮通用软件有限公司 A kind of method for preventing malice swipe short message verification code from sending service
CN109934703A (en) * 2019-03-18 2019-06-25 吴鹏翔 A kind of financial account method for managing security

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114598550A (en) * 2022-03-28 2022-06-07 中国银行股份有限公司 Short message verification code attack protection method and device

Similar Documents

Publication Publication Date Title
CN110856126B (en) Information reporting and receiving method, terminal equipment and storage medium
US11108761B2 (en) Method, apparatus and system for remote control of intelligent device
CN111062024B (en) Application login method and device
WO2014172956A1 (en) Login method,apparatus, and system
CN109995876B (en) File transmission method, device, system and computer storage medium
CN111258602B (en) Information updating method and device
CN109462601B (en) Multi-platform access method and device based on eSIM
US20150207774A1 (en) Method and System of APP for Obtaining MAC Address of Terminal
US20150264095A1 (en) Web service push method and web service push server and web service providing server performing same
CN110516471B (en) Product promotion method based on information security and related equipment
CN108429739B (en) Method, system and terminal equipment for identifying honeypots
CN104702760A (en) Communication number updating method and device
KR20130022533A (en) System and method for automatically installing applications
CN104980420A (en) Business processing method, device, terminal and server
CN112231765A (en) Data transmission method and device, electronic equipment and storage medium
CN110674481B (en) Account registration method, device, equipment and storage medium of application program
CN112165727A (en) Parallel network distribution system and method and mobile terminal
CN111970680A (en) Profile downloading method and device based on eUICC subscription platform
CN114025356A (en) Malicious short message verification code identification method, related device and computer storage medium
CN109688096B (en) IP address identification method, device, equipment and computer readable storage medium
CN104426834A (en) Webpage requesting method, client, server and system
CN108513272B (en) Short message processing method and device
CN108156071B (en) Method for adding members to community, terminal device and computer readable storage medium
CN112948138A (en) Method and device for processing message
CN105302617A (en) Method and sever for downloading application program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination